* src/qemu/qemu_audit.h (qemuDomainCgroupAudit): New prototype.
* src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Implement it.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Add audit.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
(qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.

* src/qemu/qemu_cgroup.h (struct qemuCgroupData): New helper type.
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Drop unneeded prototypes.
(qemuSetupDiskCgroup, qemuTeardownDiskCgroup): Adjust prototype.
* src/qemu/qemu_cgroup.c
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Mark static and use new type.
(qemuSetupHostUsbDeviceCgroup): Use new type.
(qemuSetupDiskCgroup): Alter signature.
(qemuSetupCgroup): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostUsbDevice)
(qemuDomainDetachPciDiskDevice, qemuDomainDetachSCSIDiskDevice):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainAttachDevice)
(qemuDomainUpdateDeviceFlags): Likewise.

* src/util/cgroup.c (virCgroupAllowDevicePath)
(virCgroupDenyDevicePath): Don't fail with EINVAL for
non-devices.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update caller.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
(qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.

valgrind warns:

==21079== Syscall param rt_sigaction(act->sa_mask) points to uninitialised byte(s)
==21079==    at 0x329840F63E: __libc_sigaction (sigaction.c:67)
==21079==    by 0x4E5A8E7: __virExec (util.c:661)

Regression introduced in commit ab07533e.  Technically, sa_mask
shouldn't affect operation if sa_flags selects sa_handler, and
sa_handler selects SIG_IGN, but better safe than sorry.

* src/util/util.c (__virExec): Supply missing sigemptyset.

Using the 'personality(2)' system call, we can make a container
on an x86_64 host appear to be i686. Likewise for most other
Linux 64bit arches.

* src/lxc/lxc_conf.c: Fill in 32bit capabilities for x86_64 hosts
* src/lxc/lxc_container.h, src/lxc/lxc_container.c: Add API to
  check if an arch has a 32bit alternative
* src/lxc/lxc_controller.c: Set the process personality when
  starting guest

Remove the <stdbool.h> header from all source files / headers
and just put it into internal.h

* src/internal.h: Add <stdbool.h>

This is done for two reasons:
- we are getting very close to 64 flags which is the maximum we can use
  with unsigned long long
- by using LL constants in enum we already violates C99 constraint that
  enum values have to fit into int

The new name complies more with the fact that it contains a set of
qemuCapsFlags.

Three new functions (qemuCapsSet, qemuCapsClear, and qemuCapsGet) were
introduced replacing direct bit operations.

The new names comply more with the fact that they are all members of
enum qemuCapsFlags.

When spawning 'init' in the container, set

  LIBVIRT_LXC_UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
  LIBVIRT_LXC_NAME=YYYYYYYYYYYY

to allow guest software to detect & identify that they
are in a container

* src/lxc/lxc_container.c: Set LIBVIRT_LXC_UUID and
  LIBVIRT_LXC_NAME env vars

In a couple of commands virsh catches & ignores errors, but fails
to reset last_error. Thus the error is ignored, but still reported
to the user.

* tools/virsh.c: Reset last_error if ignoring an error

The virFileAbsPath was not taking into account the '/' directory
separator when allocating memory for combining cwd + path. Convert
to use virAsprintf to avoid this type of bug completely.

* src/util/util.c: Convert virFileAbsPath to use virAsprintf

Normal practice for /dev/pts is to have it mode=620,gid=5
but LXC was leaving mode=000,gid=0 preventing unprivilegd
users in the guest use of PTYs

* src/lxc/lxc_controller.c: Fix /dev/pts setup

Leak introduced in commit d6623003.

* src/qemu/qemu_driver.c (qemuSecurityInit): Avoid leak on failure.
* src/security/security_stack.c (virSecurityStackClose): Avoid
leaking component drivers.

Current code does an IFF_UP on a 8021Qbh interface immediately after a port
profile set. This is ok in most cases except when its the migration prepare
stage. During migration we want to postpone IFF_UP'ing the interface on the
destination host until the source host has disassociated the interface.
This patch moves IFF_UP of the interface to the final stage of migration.
The motivation for this change is to postpone any addr registrations on the
destination host until the source host has done the addr deregistrations.

While at it, for symmetry with associate move ifDown of a 8021Qbh interface
to before disassociate

"__func__" is useless there, as VIR_DEBUG will print the function
name.

* src/storage/storage_backend_mpath.c

Otherwise extra information will be printed even if "--quiet"
is specified.

* tools/virsh.c

Currently, we need virIsDevMapperDevice() when we build libvirt with
disk or mpath storage drivers.  So we should check device-mapper-devel
when we build with disk storage driver but without mpath storage
driver.

* libvirt.spec.in (Requires): Add gnutls-utils, for virt-pki-validate.
Suggested by Daniel P. Berrange.

Steps to reproduce this bug:
1. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver raw
2. virsh detach-device controller.xml # remove scsi controller 0
3. virsh detach-disk domain sdb
   error: Failed to detach disk
   error: operation failed: detaching scsi0-0-1 device failed: Device 'scsi0-0-1' not found

I think we should not detach a controller when it is used by some other device.
Signed-off-by: NWen Congyang <wency@cn.fujitsu.com>

* python/tests/create.py: Use correct wording.

Alas, the shell is not a real programming language.

Patch generated by manual confirmation of vim's
s/[^"]\@<=\$\S\+\s\@=/"&"/gc
and
s/\(echo \)\@<=[^"].*\$.*$/"&"/c matches.

This patch generate a lot of noise and carries little benefits, as
I do not really expect $PKI to contain spaces or backticks. I'm just
fuming, and would not really mind if this patch is ignored

Try to avoid future regressions on the VPATH front.

* autobuild.sh: Uncomment VPATH use.
* .gitignore: Exclude build directory.

A diff of 'make dist' from in-tree vs. a VPATH build showed
that we were missing docs/api_extension/*.patch files, but
shipping other files that we didn't need.

* bootstrap.conf (gnulib_extra_files): Don't distribute files we
don't care about.
* docs/Makefile.am (patches): Perform wildcard correctly.

Right now, 'man libvirtd' includes information that depends on
configure results, so it must be generated on the fly and live
in $(builddir); however, requiring pod2man on all end user
machines is overkill.  Meanwhile, 'man virsh' doesn't mention
any configure results, so it can be built at 'make dist' time.
If that situation changes in the future, we can generate virsh.1
in the same way that we generate libvirtd.8.

* daemon/Makefile.am (libvirtd.8.in): New rule, to run pod2man in
advance of distribution.
(libvirtd.8): Use only sed from tarball.
(EXTRA_DIST): Ship new file.
(libvirtd.pod): Delete unused rule.
(man8_MANS): Let automake know which section to use.
(CLEANFILES, MAINTAINERCLEANFILES): Adjust to new files.
* tools/Makefile.am (dist_man1_MANS): Distribute pre-built man
pages, fine since they don't require any substitution.
(virt-xml-validate.1, virt-pki-validate.1): Change input source.
(virsh.1): Build into srcdir.
(CLEANFILES, MAINTAINERCLEANFILES): Adjust to new build style.
* daemon/.gitignore: Update.
Reported by Diego Elio Pettenò.

Done mechanically with:
$ git grep -l '\bDEBUG0\? *(' | xargs -L1 sed -i 's/\bDEBUG0\? *(/VIR_&/'

followed by manual deletion of qemudDebug in daemon/libvirtd.c, along
with a single 'make syntax-check' fallout in the same file, and the
actual deletion in src/util/logging.h.

* src/util/logging.h (DEBUG, DEBUG0): Delete.
* daemon/libvirtd.h (qemudDebug): Likewise.
* global: Change remaining clients over to VIR_DEBUG counterpart.

Two-argument free functions are uncommon; match the style elsewhere
by caching the callback at creation.

* src/util/hash.h (virHashCreate, virHashFree): Move deallocator
argument to creation.
* cfg.mk (useless_free_options): Add virHashFree.
* src/util/hash.c (_virHashTable): Track deallocator.
(virHashCreate, virHashFree): Update to new signature.
* src/conf/domain_conf.c (virDomainObjListDeinit)
(virDomainObjListInit, virDomainDiskDefForeachPath)
(virDomainSnapshotObjListDeinit, virDomainSnapshotObjListInit):
Update callers.
* src/conf/nwfilter_params.c (virNWFilterHashTableFree)
(virNWFilterHashTableCreate): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterTriggerVMFilterRebuild):
Likewise.
* src/cpu/cpu_generic.c (genericHashFeatures, genericBaseline):
Likewise.
* src/xen/xm_internal.c (xenXMOpen, xenXMClose): Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnInit)
(virNWFilterLearnShutdown): Likewise.
* src/qemu/qemu_command.c (qemuDomainPCIAddressSetCreate)
(qemuDomainPCIAddressSetFree): Likewise.
* src/qemu/qemu_process.c (qemuProcessWaitForMonitor): Likewise.

XSLT allows for two ways of generating the output of transformation.
Either implicit, which xsltproc prints to stdout and can be redirected
to a file using -o file. Or explicit, which means the stylesheet
contains <xsl:document> element which specifies where the output should
be saved. This can be used for generating more files by a single run of
xsltproc and -o directory/ can change the directory where the output
files will be stored.

devhelp.xsl is special in that it combines both options in one
stylesheet, which doesn't work well with -o:

xsltproc --nonet -o ./devhelp/ ./devhelp/devhelp.xsl ./libvirt-api.xml

Outputs 4 *.html files into ./devhelp but then tries to write to
./devhelp/ as a file (hence the I/O error) rather than writing output to
the fifth file devhelp/libvirt.devhelp.

This patch modifies devhelp.xsl so that all files are generated using
<xsl:document> element and -o directory/ can be used to override output
directory where those files are saved.

The virConnectPtr struct will cache instances of all other
objects. APIs like virDomainLookupByUUID will return a
cached object, so if you do virDomainLookupByUUID twice in
a row, you'll get the same exact virDomainPtr instance.

This does not have any performance benefit, since the actual
logic in virDomainLookupByUUID (and other APIs returning
virDomainPtr, etc instances) is not short-circuited. All
it does is to ensure there is only one single virDomainPtr
in existance for any given UUID.

The caching has a number of downsides though, all relating
to stale data. If APIs aren't careful to always overwrite
the 'id' field in virDomainPtr it may become out of data.
Likewise for the name field, if a guest is renamed, or if
a guest is deleted, and then a new one created with the
same UUID but different name.

This has been an ongoing, endless source of bugs for all
applications using libvirt from languages with garbage
collection, causing them to get virDomainPtr instances
from long ago with stale data.

The caching is also a waste of memory resources, since
both applications, and language bindings often maintain
their own hashtable caches of object instances.

This patch removes all the hash table caching, so all
APIs return brand new virDomainPtr (etc) object instances.

* src/datatypes.h: Delete all hash tables.
* src/datatypes.c: Remove all object caching code